The boom in Big Data has created new opportunities and risks. Fortune recently reported that 2021 had seen more data breaches by early October than all of 2020 – a 17% spike. More than 280 million people – equivalent to 85% of the US population – have suffered from a data breach this year. The increasing likelihood and impact of data breaches are prompting companies to boost their investment in security.
Any effort to pursue transformative data initiatives needs to respond to these increasing security concerns. Let’s set the context by reviewing the recent developments on data, privacy, and regulatory change.
The Current State of Data Analytics and Cybersecurity
The explosion in Big Data analytics – especially relating to personal data – has created significant value for many companies. Unfortunately, a series of scandals and data breaches have led to pushback against the way data is managed.
The increasing emphasis on privacy and data protection takes several forms. The European Union started enforcing GDPR (General Data Protection Regulation) in 2018, which caused companies worldwide to improve their privacy policies and programs. In July 2020, California started to enforce the California Consumer Privacy Act (CCPA). In addition to California, Colorado and Virginia have passed state laws on privacy recently.
In addition, multiple states, including Texas, New York, and Illinois, are currently considering additional laws according to the International Association of Privacy Professionals’ US State Privacy Legislation Tracker.
Change is also coming from companies. Over the past few years, Apple has changed its policies and technologies to emphasize consumer privacy much more strictly. These changes have led to several companies like Facebook and Snapchat losing revenue. Like Apple, Google has stepped up its investment in privacy.
The trend toward increased data security controls puts IT in a difficult position. On the one hand, IT is asked to keep up with increasing expectations for privacy protection. On the other hand, locking data away means that progress on data projects may slow down. Navigating these competing data priorities is about to get easier.
What’s Possible Using Modern Tools
Organizations no longer have to accept the false choice between data protection and data-fueled innovation. Prologis, for example, has used Snowflake technology to build a better IT security function. By using Snowflake, the Prologis security team has gained better visibility into security risks and incidents inside the company. There are four key callouts
1 Use Third-Party Data
Using a third-party data source to enrich decision-making is a significant opportunity to innovate. For example, Chipotle recently used external health data to make county-level decisions during the COVID-19 pandemic. By using Snowflake technology, the company could leverage external data successfully to decide when to open and close locations throughout the country based on local risk factors.
Using external data to improve decision-making is attractive because it carries lower risk. After all, the third-party manages the data rather than your organization.
2 Automate Security Remediation
In the past, solving IT security problems sometimes required interrupting existing work. The resulting delays made it more difficult to achieve progress. This disruptive approach is starting to change thanks to automation.
Snowflake offers automated security control validation. For example, there’s a good chance that employees have left your organization over the past year. The Great Resignation of 2020-21 means that millions of people are changing jobs. As a result, there’s a good chance that you have inactive user accounts from those former employees. By automatically comparing active employee lists in an HR database with user lists elsewhere, it is easier to find
Connecting these different sources of data is just the start. The real value comes in using this combined data to make automatic remediation. For example, setting up rules to automatically deactivate user accounts if that user no longer shows as an active employee. Snowflake makes it possible to make these security updates on a near real-time basis.
3 Leverage Nuanced User Permissions
Keeping data projects secure is much easier when you have the right permissions for the job at hand. In Snowflake, this is getting easier because a single user can have one primary role and multiple secondary roles. Giving users secondary permissions is helpful when somebody needs to access several databases simultaneously (i.e., cross-database joins and related actions).
Using the above model of primary roles and secondary roles replaces the legacy concept of super users. In the past, companies sometimes found role management too challenging to manage at a satisfactory level of detail. To enable productivity, “super user” accounts were created with an extraordinary level of access privileges. This type of super-user access carries significant risk since it can be used in unpredictable ways, like giving out access to others.
4 Share Data Without Losing Control
Historically, sharing data with an outside party was something of a risky proposition. The risk of data collaboration is coming down substantially thanks to new capabilities developed by Snowflake. Specifically, you can tokenize, mask and encrypt data for sharing, which means you never lose control.
This technology makes it easier to create private data clean rooms. A data cleanroom is a safe environment where multiple departments of a company (or several companies) can come together to use data. Facebook has offered these clean data rooms to some of its largest customers in the past, but those efforts were expensive and difficult to manage. You can collaborate with third parties without losing control over your data by making it easier for others to view data but not export it.
Changing Your Data Analytics and Security Culture Starts Here
Changing your organization’s habits and processes to increase access to data while meeting governance goals simultaneously isn’t easy. Navigating this change is easier when you have the proper support. By working with Hakkoda’s scalable team of Snowflake experts, you can fully leverage Snowflake’s data capabilities much faster. Data fuelled innovation no longer has to come at the price of taking security and governance shortcuts.
More from Hakkoda:
Download our eBook: THE STATE OF DATA AND THE HIGH COSTS OF DATA SPRAWL
Read other blogposts:
- Data Governance, Snowflake Tagging and User Access Auditing
- Why So Much Data is Being Collected, Why Is So Little Being Used?
- Snowflake as a Solution for Global Data Compliance
- You Need Data to Innovate But You Also Need Broad Data Usability